backtop


Print

He'll present the findings at Black Hat

A hacker plans to show how passenger jets could be at risk for attacks via their Wi-Fi and in-flight entertainment systems. 
 
According to Reuters, Ruben Santamarta -- a consultant with cyber security firm IOActive -- will present how to hack the satellite communications equipment on passenger jets at this week's Black Hat hacking conference in Las Vegas. 
 
Santamarta reportedly published a 25-page research report in April, which described multiple bugs in firmware used in satellite communications equipment. He discovered the vulnerabilities by reverse engineering the firmware that is used to operate communications equipment. 
 
More specifically, he decoded firmware made by Cobham Plc., Harris Corp, EchoStar Corp's Hughes Network Systems, Iridium Communications Inc. and Japan Radio Co Ltd.


The risk here is that a hacker could use a plane's onboard Wi-Fi signal or inflight entertainment system to hack into more sensitive systems, potentially disrupting or modifying satellite communications. This could further interfere with the aircraft's navigation and safety systems. 
 
One vulnerability that Santamarta said he found in equipment made by all of the above-listed manufacturers was the use of "hardcoded" log-in credentials. This lets service technicians access any piece of equipment with the same login and password, but allows hackers to retrieve those passwords and use the credentials to access crucial systems.
 
The manufacturers have responded to Santamarta's paper, saying the risk of a hack is small, but that they'll look into his findings. 
 
Santamarta said he would respond to the comments from manufacturers during his presentation at Black Hat. 

Source: Reuters





"I mean, if you wanna break down someone's door, why don't you start with AT&T, for God sakes? They make your amazing phone unusable as a phone!" -- Jon Stewart on Apple and the iPhone













botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki